Gain Code Insights with JFrog Artifactory and Atlassian Bitbucket

By Craig Peters

| September 4, 2018

SHARE:

At the 2018 Atlassian European Summit in Barcelona, Atlassian introduced a new UX in Bitbucket Server that empowers developers to be more productive. Called Code Insights, it gathers information from across the DevOps toolchain into Bitbucket’s pull request experience.

On the heels of this news, JFrog is announcing a new integration that brings critical data from JFrog Artifactory and JFrog Xray to developers’ fingertips through Bitbucket Server, integrating into the regular process of reviewing pull requests.

The JFrog integration allows CI tools to annotate Bitbucket pull requests with information about the related artifacts in Artifactory, along with security and license scanning results from Xray.

Artifactory and Xray Summary Reports in a Bitbucket Pull Request

When you review the pull request, the Code Insights from JFrog Artifactory provides direct access to details of the build that the pull request generated. You can gain insight into which dependencies were resolved and which new packages were created, as well as see an audit trail of how this and many other things have changed over time.

Artifactory Build Details

For developers, this information can radically shorten the time to resolve issues with pull requests.

With JFrog Xray you can create policies to provide visibility or control of the flow of packages through your pipelines.

Xray Policies List

Security Rule Editor

To enable this integration, you must configure credentials and endpoints, then insert a simple script into the build automation step of your CI pipeline. You can view the proof of concept script here. It contains Bitbucket Code Insights API, JFrog Artifactory, Xray, and command line interface (CLI) and was developed using code from Atlassian’s Bitbucket Early Access Program (EAP).